MEDICAT SECURITY & RELIABILITY

Medicat Hosted Technology

Setting the Industry Standard for Reliability & Redundancy

Medicat’s hosted solution sets the industry standard with a 99.99% Service Level Guarantee. That is, Medicat’s hosted solution guarantees less than 5 minutes of downtime per month. We are not aware of any other EHR vendor, student health or commercial, that guarantees a “four nine” availability standard.

Hosted clients benefit from a secure, Medicat-owned private cloud infrastructure housed within a TierPoint Type 2 SOC 2 and SOC 3 facility, which is certified at a Tier III Standard by the Uptime Institute and located in Research Triangle Park, North Carolina.

Medicat’s private cloud infrastructure is designed to a Fault Tolerant, High Availability 2N standard. At the Research Triangle Park facility, there are two independent, fully duplicated, Medicat data centers, each with N+1 Fault Tolerant, solid state hardware enabling stateful (real time) internal failover of all SAN and network components.

One data center is designated for Production and the other is designated as a Hot Standby. Client data, all encrypted at rest, is synchronously replicated in real time across both data centers. Should the Production data center suffer a non-recoverable hardware, software or operating system failure, Medicat users would be immediately redirected to the Hot Standby data center with no loss of data or time.

This High Availability architecture meets the industry’s 2N best practice standard and enables the 99.99% uptime guarantee.

Disaster Recovery with Minimal Down Time

Medicat has also taken geographic redundancy to the next level with a pre-built Warm Standby disaster recovery site at a comparable TierPoint facility in Chicago, Illinois. This facility, also designed to a 2N standard, asynchronously replicates and archives client data from the Research Triangle Park facility.

Should a catastrophic, non-recoverable event disable the TierPoint facility in Research Triangle Park (e.g., direct hit by a large tornado), Medicat would bring up the Warm Standby site in Chicago, and users could resume their work with only a brief interruption. In this case, Medicat has a Recovery Time Objective (time to resume use of the system) of 3 hours or less and a Recovery Point Objective (time over which data would be lost) of less than 1 hour.

College Health EHR with Type 2 SOC 2

To ensure storage, handling, and protection of clients’ electronic Patient Health Information (ePHI) meets and exceeds all government and industry standards, Medicat has made significant investments in its infrastructure and security framework. To substantiate that investment, Medicat has gone through the same third-party audit process as leading data centers in the country and has received Type 1 SOC 2 and Type 2 SOC 2 Examinations.

A company that has performed Type 2 SOC 2 Examination has proven its system is designed to keep clients’ sensitive data secure over time. When it comes to the cloud and related IT services, such performance and reliability are essential and required more often by regulators, examiners, and auditors.

“When asked if they are HIPAA compliant, EHR vendors may answer yes. But the only way to prove compliance is for the vendor to successfully complete an external audit, preferably one conducted by a reputable audit firm with HIPAA experience,” said Daryl Rolley, Medicat CEO. “The rigorous requirements of a Type 2 SOC 2 Examination provide an unmatchable level of confidence and security when considering a move to the cloud. It is critical to ensure your EHR partner has achieved external audits to meet these standards.”